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LISTING OF THE CLAIMS: 

1 . (Currently Amended) A method for securely handling an information unit by a first 
information processing device (2) interoperating with a second secure information processing 
device (1), whereby the information unit is provided by an issuer, 



the method comprising the steps: 

transmitting (3, 25, 35) the information uni t, in an encrypted form, from the first issuer to. 
the first information processing device (2) , tho information unit being proc e ss e d by a 
cryptographic proc es s ; 

providing the second secure information processing device with at least one key for th e 
eryptographio process on th e s e cond s e oure information proc e ssing d e vic e (1) for use in 
decrypting the information unit : and 

the first information processing device (i) receiving the at least one key from the second 
information processing device, and (ii) cryptographioally reprocessing (29, 38) decrypting the 
information unit by using the at least one key. 

2. (Original) The method according to claim 1, comprising: 

providing (3, 25, 35) the information unit from the issuer to the first information 
processing device (2), the information unit being encrypted by using at least a first key; 

providing the first key from the issuer to the first information processing device (2), the 
first key being encrypted by using at least a second key; 
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providing the at least one second key on the second secure information processing device 

(i); 

interconnecting the first information processing device (2) and the second secure 
information processing device (1); 

on side of the second secure information processing device, decrypting (27) the at least 
first key by using the at least second key; and 

decrypting (29) the information unit by using the decrypted at least first key. 

3. (Original) The method according to claim 1, comprising: 

providing (3, 25, 35) the information unit from the issuer to the first information 
processing device (2), the information unit being signed by using a signature; 

providing the signature from the issuer to the first information processing device (2), the 
signature being generated by using at least one key; 

providing the at least one key for signature verification on the second secure information 
processing device (1); 

interconnecting the first information processing device (2) and the second secure 
information processing device (1); 

transferring the at least one key for signature verification from the second secure 
information processing device to the first information processing device; and 

verifying the signature of the information unit by using the at least one key. 
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4. (Original) The method according to claim 2, wherein the decrypted at least first key is 
transferred to the first information processing device (2) and the information unit is decrypted 
(29) on side of the first device (2). 

5. (Original) The method according to claim 1 , wherein the first information processing 
device (2) provides a control command (26, 36) to the second secure information processing 
device (1) to initiate decryption of the at least first key by using the at least second key and/or to 
initiate transferring the signature key for signature verification from the second secure device to 
the first device. 

6. (Original) The method according to claim 5, wherein the encrypted information unit, 
the encrypted first key, and/or the signature key, and/or the generated signature, and/or the control 
command are downloaded (25, 35) from a central server (4). 

7 . (Original) The method according to claim 3 , wherein the second key and/or the key for 
signature verification are/is securely stored on the second secure device (1) at time of its issuing 
by the issuer. 

8. (Currently Amended) Th e m e thod according to olaim 2, A method for securely 
handling an information unit by a first information processing device (2) interoperating with a 
second secure information processing device (1). whereby the information unit is provided bv an 
issuer, 
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the method comprising the steps: 

transmitting (3. 25, 351 the information unit from the issuer to the first information 
processing data device (2). the information unit being processed by a cryptographic process: 

providing at least one key for the cryptographic process on the second secure information 
processing devicef I): and 

the first information processing device ffl receiving the at least one key from the second 
informatio n processing device* and (iO crvptographically reprocessing (29. 381 the information 
unit by using the at least one kev: 

providing (3. 25. 35) the information unit from the issuer to the first information 
processing device (2\ the information unit being encrypted bv using at least a first kev: 

providing the first kev from the issuer to the first information processing device (2\ the 
first key being encrypted bv using at least a second kev: 

providing the at least one second kev on the second secure information processing device 
f Q: and 

wherein at least a third key is provided for external authentication and/or release control of 
the respective information unit. 

9. (Original) The method according to claim 8, wherein the first device (2) is initiated to 
gather a new release of the information unit from the issuer, depending on the respective status of 
the third key. 
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10. (Original) The method according to claim 9, wherein the new release of the 
information unit is downloaded from an internet server (4) provided by the issuer. 

1 1 . (Original) The method according to claim 2, wherein the at least first key and/or the 
signature are/is randomized between different sessions of providing the information unit from the 
issuer to the first device (2), 

12. (Original) The method according to claim 1 , wherein the first information processing 
device (2) is a terminal device, and the second secure information processing device (1) is a 
portable device. 

13. (Original) The method according to claim 12, wherein the terminal device is a chip 
card reader and the portable device is a chip card. 

1 4. (Currently Amended) A system for securely handling an information unit, comprising 
a first information processing device (2) interoperating with a second secure information 
processing device (1), the information unit being provided by an issuer, comprising: 

the first device (2) comprising 

a storage for storing the information unit in an encrypted form: and 
the second secure device (1) comprising 

.a storage (6) for storing at least one key for a cryptographic procooo use in 
decrypting the information unit : and 
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the first device further comprising (i) means for receiving the at least one key from 
the second information processing device, and (ii) means for oryptographically 
reprocessing decrypting the information unit by using the at least one key. 

15. (Original) The system according to claim 14, wherein 
the first device (2) comprises 

a storage for storing the information unit, encrypted by using at least a first key, 
and a storage for storing the first key, encrypted by using at least a second key; 
the second secure device (1) comprises 

a storage (6) for storing the at least one second key, and processing means for 
decrypting the at least first key by using the at least second key; and 

providing means for decrypting the information unit by using the decrypted at least 
first key. 

16. (Original) The system according to claim 14, wherein 
the first device (2) comprises 

a storage for storing the information unit and a signature for the information unit; 
the second secure device (1) comprises 

a storage (6) for storing at least one signature key; 
providing means for verifying the signature of the information unit by using the at least 
one signature key. 

7 

O:\IbinM0S\t264a\AMENDM 2640 jamZjdoc 




PACE 12/28 • RCVD AT 4/15/2004 3:56:31 PM [Eastern Daylight Time] " SVR:USPTO-EFXRF-1/3 * DNIS:8729308 * CSID: 51 67424366 * DURATION (mm-ss):08-36 



4-15-04; 2:52PM;SSMP FAX 



; 5 1 67424366 



# 13/ 28 



17. (Original) The system according to claim 14, wherein the second secure device (1) 
provides an access control by means of the information unit. 

18. (Original) The system according to claim 14, wherein the second secure device (1) 
comprises a processor to make specific functions of the second secure device usable/accessible on 
the first device or on at least a third device (5) attached to the first device. 

19. (Original) The system according to claim 14, wherein the first device (2) comprises 
processing means for decrypting (29) the information unit by use of the decrypted at least first 
key. 

20. (Original) The system according to claim 14, wherein the second secure device (1) 
comprises means to initiate decryption of the at least first key by using the at least second key 
and/or means to initiate transfer of the signature key for signature verification from the second 
secure device to the first device. 

2 1 . (Original) The system according to claim 1 4, wherein the first device (2) comprises 
means to download the encrypted information unit, the encrypted first key, and/or the generated 
signature, and/or the control command, from a central server (4). 
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22. (Original) The system according to claim 14, wherein the second secure device (1) 
comprises a non-erasable storage to store the second key and/or the signature key at time of its 
issuing. 

23. (Currently Amended) Th e oyfit e m according to claim 11, A system for securely 
handling an information unit comprising a first information processing device (2) interonerating 
with a second secure information processing device (1 \ the infor mation unit being provided bv an 
issuer, comprising: 

the first device (2) comprising 

a storage for storing the information unit: and 

the second secure device (1) comprising 

a storage (6) for storing at least one key for a cryptographic process: and 

the first device further comprising (i) means for receiving the at least one key from the 
second in formation processing device, and (ii) means for decrypting the information unit bv using 
the at least one kev: and 

wherein the first device (2) and/or the second secure device (1) comprise/s a storage (6) 
for storing at least a third key for external authentication and/or release control of the information 
unit and processing means (7) for processing the third key. • 

24. (Original) The system according to claim 23, wherein the first device (2) comprises 
means to initiate download of a new release of the information unit, depending on the respective 
status of the third key. 
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25. (Original) The system accordingto claim 21, wherein the central server (4) comprises 
a randomizer for randomizing the at least first key and/or the signature between different sessions 
of providing the information unit from the issuer to the first device. 

26. (Original) The system according to claim 1 4, wherein the first information processing 
device (2) is a terminal device, and the second secure information processing device (1) is a 
portable device. 

27. (Original) The system according to claim 26, wherein the terminal device is a chip 
card reader and the portable device is a chip card. 

28. (Currently Amended) A chip card (1) for securely handling an information unit by 
interoperating with an information handling terminal device (2), comprising a storage (6) for 
storing an at least one key for th e cryptographic proooss use in decrypting the information unit. 
and means for transmitting the at least one key to said handling terminal device to enable said 
device to oryptographically proc o aa an decrypt the information unit after received by said device 
in an encrypted form from an issuer. 

29. (Original) The chip card according to claim 28, wherein processing means (7) 
performing an access control is controlled by an information unit. 

10 
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3 0. (Original) The chip card according to claim 28, wherein a processor (7) runs specific 
functions on the terminal device (2, 5) or on at least a second device attached to the terminal 
device (2, 5). 

31. (Original) The chip card according to claim 28, farther comprising means for 
transferring of the at least one second key to the terminal device (2, 5) and/or means for 
decrypting of the at least first key by using the at least second key and/or means to initiate transfer 
of the signature key for signature verification. 

32. (Original) The chip card according to claim 30, wherein a non-erasable storage (6) 
stores the second key and/or the signature key at time of its issuing. 

33. (Currently Amended) Tho chip card according to claim 32; A chin card (1) for 
securely han dling an information unit by interoperating with an information handling terminal 
device (2\ co mprising a storage (6) for storing an at least one key for the cryptographic process. 
and means for transmitting the at least one key to said handling terminal device to enable said 
device to c rvptographicaUv process an information unit received by said device from an issuer: 

wherein a processor (7) runs specific functions on the terminal device (2, 5^ or on at least 
a second device attached to the terminal device (2. 5): and 

wherein a non-er asable storage (6) stores the second key and/or the signature key at time 
of its issuing: and 
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further comprising a storage (6) for storing at least a third key for external authentication 
and/or release control of the information unit and processing means (7) for processing the third 
key. 

34. (Original) The chip card according to claim 33, wherein said processing means (7) 
initiates download of a new release of the information unit, depending on the respective status of 
the third key. 

35. (Currently Amended) A chip card accepting device (2), for securely handling an 
information uni t, received by the accepting device in an encrypted form, by interoperating with a 
chip card (1), comprising a storage for storing the information unit in an encrypted form, means 
for receiving at least one key for use in decrypting the information unit from a chip card, and 
means for cryptographioally reprocessing decrypting the information unit by using the at least one 
key. 

36. (Original) The chip card accepting device according to claim 35, further comprising 
means for decrypting the information unit by using at least one key. 

37. (Original) The chip card accepting device according to claim 36, further comprising 
means for verifying a digital signature. 
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38. (Currently Amended) Th e ohip card aooopting dovic e aooording to olaim 37, A chip 
card accepting device (2). for securely handling an information unit by interoperating with a chip 
card (l\ comprising 

a storage for storing the information unit: 

means for receiving at least one key from a chip card: 



means for cryptographicallv reprocessing the information unit by using the at least one 



means for decrypting the information unit by using at least one key: 
means for verifying a digital signature: and 

fttrth e r comprising means for downloading the encrypted information unit, the at least one 
key and the digital signature from a central server (4). 

39. (Currently Amended) ¥he chip card accepting device according to claim 35, further 
e empri s ing A chip card accepting device (2\ for securely handling an information unit bv 
interoperating with a chip card (1). comprising 

a storage for storing the information unit: 

means for receiving at least one key from a chip card: 

means for crypto graphically reprocessing the information unit bv using the at least one 
key: and 

a storage for storing at least a third key for external authentication and/or release control 
of the information unit and processing means for processing the third key. 




key; 
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40. (Original) The chip card accepting device according to claim 39, farther comprising 
means to initiate download of a new release of the information unit, depending on the respective 
status of the third key. 

41. (Currently Amended) A program storage device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
securely handling an information unit by a first information processing device (2) interoperating 
with a second secure information processing device (1 ), whereby the information unit is provided 
by an issuer, said method steps comprising: 

transmitting (3, 25, 35) the information uni t, in an encrypted form, from the issuer to the 
first information processing device (2) , th e information unit being proc e ssed by a cryptographic 
process ; 

providing the second secure information processing device with at least one key for fee 
cryptographic process on the second socur e information processing d e vic e (1) for use in 
decrypting the information unit : and 

the first information processing device (i) receiving the at least one key from the second 
information processing device, and (ii) cryptographically reprocessing (29, 38) decrypting the 
information unit by using the at least one key. 

42. (Previously Presented) A program storage device according to claim 41 , said method 
steps further comprising: 

providing (3, 25, 35) the information unit from the issuer to the first information 
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processing device (2), the information unit being encrypted by using at least a first key; providing 
the first key from the issuer to the first information processing device (2), the first key being 
encrypted by using at least a second key; 

providing the at least one second key on the second secure information processing device 

(i); 

interconnecting the first information processing device (2) and the second secure 
information processing device (1); 

on side of the second secure information processing device, decrypting (27) the at least 
first key by using the at least second key; and 

decrypting (29) the information unit by using the decrypted at least first key. 

43. (Previously Presented) A program storage device according to claim 41 , said method 
steps further comprising: 

providing (3, 25, 35) the information unit from the issuer to the first information 
processing device (2), the information unit being signed by using a signature; 

providing the signature from the issuer to the first information processing device (2), the 
signature being generated by using at least one key; 

providing the at least one key for signature verification on the second secure information 
processing device (1); 

interconnecting the first information processing device (2) and the second secure 
information processing device (1); 
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transferring the at least one key for signature verification from the second secure 
information processing device to the first information processing device to the first information 
processing device; and 

verifying the signature of the information unit by using the at least one key. 



i 
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